We, the company Hotel Schlossberg Wehingen, thank you for your visit to our website and for your interest in our company and our services. We place high priority on the protection of your privacy when processing data. We shall therefore only process your personal data in accordance with the provisions of German and European data protection legislation. We wish for you to feel secure when visiting our website.
Introduction
With this privacy policy, we are complying with our information obligations towards the visitors and users of these website pages as defined in Art. 13 of the EU General Data Protection Regulation (EU-GDPR). A central aspect of this for us is the protection of personal data. Personal data is individual information about personal or factual circumstances of an identified or identifiable natural person. This includes information such as name, address, e-mail address and telephone number. The legal principles governing privacy can be found in the EU's GDPR as well as in the German Telemedia Act and in the EU's ordinance on ePrivacy.
Your rights in the area of privacy as a user of this website (rights of affected persons)
Data protection legislation views you as a party affected by our collecting data about your person during your visit to our website. Accordingly, legislation provides you with certain rights as an affected party that you possess as a user of this website. In detail, this covers the following rights:
At any time, you have the right to obtain information free of charge about your personal data stored by us, their origin and recipient and the purpose of any data processing without giving reasons. You also have a right to amend, correct, block or delete those details. You can also restrict the processing of your details and/or object to that processing (the right of objection) and you also have a fundamental right to data transferability. Where you have provided us with your consent to process your details, you can revoke that consent at any time. You also have the right to appeal to the supervisory authorities in accordance with Art. 77 of EU-GDPR.
Contact details: person responsible – data protection coordinators – data protection officer
If you have any questions about privacy at Hotel Schlossberg Wehingen that have not been answered in this privacy policy, or if you wish to invoke your rights as an affected party, the following contact options are available to you:
The Board of Management identified in the legal notice is responsible for data processing. However, since the Board is occupied with many other matters, we advise you to contact our privacy coordinators (datenschutz@schlossberg-wehingen.de) by e-mail. You can also use the postal service. Our address can also be found in the legal notice.
Furthermore, Hotel Schlossberg Wehingen has appointed an external privacy officer. That officer can also be contacted at datenschutz@schlossberg-wehingen.de. We wish to advise that you can contact any of our employees for details of your rights as an affected party. However, it would be very helpful to us if you would direct questions about privacy to our privacy coordinators (datenschutz@schlossberg-wehingen.de).
If you wish to use the right of objection defined in Art. 77 of EU's GDPR, please contact the responsible supervisory authority.
Recipients of personal data
If you communicate personal data to us, the principal recipients of those details are the employees of Hotel Schlossberg Wehingen entrusted with that task. Furthermore, it is possible that we may appoint other companies and individual people to perform tasks for us, e.g. services that you requested from us with the help of the contact form (for example to send out a printed copy of a product brochure). In such cases, this can lead to your details being disseminated by a company appointed by us for the purpose defined by you. For further details, please refer to "Obligations of employees and external service providers" and "Collaboration with external service providers".
Transmission of personal data to a third country
We do not intend to disseminate any personal data outside the area of jurisdiction of the EU's GDPR.
Storage time
Personal data communicated to us via our website are only stored until the purpose for which they were entrusted to us has been discharged in full. Where trade and taxation-related storage periods need to be observed, the storage period for certain kinds of data may extend for up to ten years.
Purpose of data collection
It is usually possible to use our website without having to provide any personal data. For the use of individual services on our website, different regulations may arise. In such cases, these will be explained separately below, informing you in particular of the nature, scope and purpose of the collection, use and processing of personal data. Nonetheless, we shall only process personal data to the extent required for the provision of a functional website and of our content and services. If personal data is thus collected, it is for the purpose of the technical provision of our online presence, for information purposes and contractual purposes associated with the provision of services. Your personal data will be used exclusively for the aforementioned purposes and only within the scope and to the extent necessary to fulfil these purposes.
Legal basis of data collection
Personal data may only be processed on a lawful basis. If we process personal data within the scope of our web presence, this is generally based on the protection of the legitimate interests of the person responsible in accordance with Art. 6 (1) lit. f EU-GDPR.
The protection of legitimate interests involves a balanced assessment of those interests, which include our own as the company responsible for processing data, and the interests of users of our website pages. As a company, we wish to inform you about our company as well as its products and services. You as a user and potential customer, supplier, competitor, party seeking information and/or applicant have an interest in informing yourselves about us as well as our services and products, in a technically accessible and convenient manner.
Furthermore, we give our visitors the opportunity to get in touch with us via the website. Accordingly, the processing of data is in the interests of both parties. At the same time, the processing of personal data is reduced to a minimum, from which we conclude that there is a sufficient legal principle governing that processing, one that upholds the legitimate interests of the parties involved.
As part of the application procedure, we use the legal basis of the contract and the process of drafting a contract (Art. 6 Para. 1 letter b of the EU's GDPR), in particular Section 26 of the new German Federal Data Protection Act (data processing for the purposes of an employment relationship). You can find further details in the ’Applications’ section.
In addition, we also make use of the legal basis of consent within the application procedure (Art. 6 (1) lit. a EU-GDPR). This consent is voluntary and serves the purpose of personal recruitment and the transfer of your details to an internal talent pool. You can find further details in the ’Applications’ section. You are free to decide whether you wish to grant consent or not. No adverse consequences arise if you choose not to grant your consent. At any future date, you can revoke wholly or in part any consent you may have granted. The legitimate status of data processing founded upon consent remains in place until consent is revoked. This means that, despite consent being revoked, processing prior to that point in time remains lawful.
Cookies
Our website uses what are known as cookies, which are there to make our Internet presence more user friendly, effective and safer – for example, when the aim is to speed up navigation to our website. Furthermore, cookies enable us to measure the frequency of visits to pages on the website and the generic usage of those pages.
Cookies are small text files that are stored on your computer system. Cookies do not cause any damage to your computer, and they contain no viruses. Please note that some of these cookies will be transferred from our server to your computer system, most of them being so-called ’session cookies’. Session cookies are characterised by the fact that they are deleted automatically from your hard drive at the end of a browser session. Other cookies remain on your computer system and make it possible for us to identify your computer system on your next visit (persistent cookies). Naturally, you can reject cookies at any time provided that your browser permits this. We would however point out that, in such cases, you may not be able to use the full scope of functions on our website. The Help function in the menu bar of most web browsers explains to you how to prevent your browser from accepting new cookies, how to advise your browser that you have just received a new cookie, and how to disable all of the cookies you have received. Of course, you can also delete cookies at a later date. This process is dependent on the browser and the operating system. We would ask you to research the process for retrospective deletion on your system.
Server log
Every visit to the pages of this web presence will be recorded and stored in what are known as server log files. This data is only used for the technical analysis of server usage. Specifically, the following items of data are collected:
This anonymous data is stored separately from any personal data you may provide, so it is not possible to trace it back to a specific person. The data are only communicated to third parties to the extent stipulated by law or where a court order requires this to be done. These data are not passed on to other parties for commercial or non-commercial purposes. However, we reserve the right to check these data at a later date if we have specific grounds for suspecting unlawful use.
Contact option
On our website, we provide you with an option for contacting us by e-mail and using contact forms. Your details from the enquiry form, including the contact details provided by you there for processing the enquiry and for connection questions, are then encrypted and forwarded to us where they are then stored. If you wish to contact us by e-mail, please note that we cannot assure the confidentiality of any information we receive in the form of unencrypted e-mails. The content of unencrypted e-mails can be viewed by third parties (also refer to the 'Information security' section).
Use and disclosure of personal data
If you appoint us to perform a service, we shall only use your personal data to the extent necessary to carry out the order (e.g. to process information enquiries or orders for brochures). In particular, this includes passing your details on to transport companies, banks or other parties involved in the provision of a service or service providers used for contractual fulfillment. Beyond this, we will not pass on or sell your personal data to third parties.
The following exceptions apply to this procedure: We disclose customer accounts and the personal data of customers if we are required to do so by law or if this disclosure is essential or to protect our rights and the rights of our customers and those of third parties, for example in the event of attacks on our network infrastructure. This can, for example, include the exchange of data with companies who specialise in the prevention or minimisation of abuse and credit card fraud and/or IT security. For clarification, we state explicitly that, in this context, no data are communicated to these companies for commercial purposes, which would contradict the provisions of this privacy policy.
Obligation of employees and external service providers
Naturally, our employees and the service providers appointed by us are bound by confidentiality and by the need to comply with the EU's GDPR provisions.
Collaboration with external service providers
We appoint other companies and individuals with the performance of tasks for us. Examples include the delivery of parcels, the sending of letters or e-mails, the analysis of our databases, IT services, promotional measures, the handling of payments and customer service operations. These service providers have access to the personal information they need to perform their assigned tasks. However, they are not permitted to use it for other purposes. Furthermore, they are obliged to treat this information in accordance with this privacy policy and the EU GDPR. If any of these sub-contractors are ’processors’ as defined in Art. 28 of EU GDPR, we will have concluded the appropriate legally-compliant contracts with them.
Information security
Hotel Schlossberg Wehingen employs appropriate technical and organisational security measures to the best of our knowledge at the present time in order to protect the data you have provided to us from accidental or deliberate manipulation, loss, destruction or access by unauthorised persons. This ensures that your data are stored in a safe operating environment to which the general public do not have access. We review our security measures at regular intervals and improve them continuously in accordance with technological development. If you wish to contact us by e-mail, please note that we cannot assure the confidentiality of any information we receive in the form of unencrypted e-mails. The content of unencrypted e-mails can be viewed by third parties. We therefore advise you to send us information in encrypted form, or via the postal system. We only ever use your e-mail address for correspondence with you. It is not used in any other way, nor is it disclosed to third parties.
Protection of your data by TLS and/or SSL
For secure data transmission on the Internet, we use the hybrid encryption protocol Transport Layer Security (TLS), much better known by its previous designation Secure Sockets Layer software (SSL). This software encrypts the information communicated by you. All information relating to data security is stored in encrypted form in a protected database.
Consent to, status and amendment of this privacy policy
By using our website, you consent to the kind of data processing described above. The current status is 22/05/2018. We reserve the right to amend this privacy policy at any future date, with due regard to the currently applicable data protection stipulations. We will publish the changes here.
Facebook privacy policy
The content of the Facebook company page "Schlossberg Wehingen Hotel | Restaurant | Bar" is maintained by Hotel Schlossberg Betriebs GmbH (Daimlerstraße 2, 78564 Wehingen, Germany; referred to as "Hotel Schlossberg" in the following). Hotel Schlossberg relies on the services of the website www.facebook.com for the information service offered here. These services are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (referred to as "Meta" in the following). Hotel Schlossberg would like to point out that this Facebook company page and all functions associated with it (especially interactive functions such as commenting, liking, sharing and rating) are used by visitors of the page
on their own responsibility.
When visiting the Facebook page of Hotel Schlossberg, Meta as the responsible party collects some personal data of the user through the use of cookies. Data collection of this type by Meta can even occur when a person visits this Facebook page if they are not logged into or registered with Facebook. More information on the data collection and further processing carried out by Meta can be found in the privacy notices of Facebook at: https://www.facebook.com/about/privacy/
Hotel Schlossberg is not able to trace which user data are collected by Meta. Additionally, Hotel Schlossberg does not have full access to the collected data or the profile data of the user/visitor of the Facebook page. Hotel Schlossberg can only see the public information in the profile of a user.
At this juncture, Hotel Schlossberg would like to point out the option of each user to actively hide "likes" in their own Facebook settings or to no longer follow the Facebook page so as to no longer be listed as a follower of this Facebook page.
Meta sends Hotel Schlossberg anonymous statistics on the use of the Facebook page. The following data are provided, for example: follower number trend, range of/interaction with specific articles, ad performance, demographics etc. These statistics do not allow Hotel Schlossberg to draw conclusions regarding individual users. The data are used to continually optimise the online offering on Facebook with regard to the interests of users. Through their Facebook settings, users can decide on the form in which advertisements targeted toward them are displayed.
Meta sends Hotel Schlossberg personal data if users actively share it, e.g. via the message function on Facebook or via advertisements with instant forms. User data like a surname and given name are used by Hotel Schlossberg to handle the requests of users, but they are not saved beyond this.
This privacy policy can be found in the respective applicable version on the Hotel Schlossberg Facebook page under "Data policy".
Instagram privacy policy
The content of the Instagram "hotelschlossberg" company pages is maintained by Hotel Schlossberg Betriebs GmbH (Daimlerstraße 2, 78564 Wehingen, Germany; referred to as "Hotel Schlossberg" in the following). For the information service offered here, Hotel Schlossberg relies on the
services of the www.instagram.com website. These services are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (referred to as "Meta" in the following). Hotel Schlossberg would like to point out that this Instagram company page and all functions associated with it (especially interactive functions such as commenting and liking) are used by visitors of the pages on their own responsibility.
When visiting the Instagram page of Hotel Schlossberg, Meta as the responsible party collects some personal data of the user through the use of cookies. Data collection of this type by Meta can even occur when a person visits this Instagram page if they are not logged into or registered with Instagram. More information on the data collection and further processing carried out by Meta can be found in the privacy notices of Instagram at: https://help.instagram.com/519522125107875
Hotel Schlossberg is not able to trace which user data are collected by Meta by using Instagram. Additionally, Hotel Schlossberg does not have full access to the collected data or the profile data of the user/visitor of the Instagram pages. Hotel Schlossberg can only see the public information in the profile of a user. At this juncture, Hotel Schlossberg would like to point out the option of each user to manage the public information in their personal Instagram settings.
Meta send Hotel Schlossberg anonymous statistics on the use of the Instagram page. The following data are provided, for example: follower number trend, range of/interaction with specific articles, ad performance, demographics etc. These statistics do not allow Hotel Schlossberg to draw conclusions regarding individual users. The data are used to continually optimise the online offering on Instagram with regard to the interests of users. Through their Instagram settings, users can decide on the form in which advertisements targeted toward them are displayed.
Meta sends Hotel Schlossberg personal data if users actively share it, e.g. via the message function on Facebook or via advertisements with instant forms. User data like a surname and given name are used by Hotel Schlossberg to handle the requests of users, but they are not saved beyond this.
This privacy policy can be found in the respective applicable version on the Hotel Schlossberg Instagram account in the profile.